The ransom-ware “WannaCry”, already labelled as the world’s biggest cyber attack, gave us a glimpse of how vulnerable the always-connected world of the future is. As around 100 countries were targeted: hospitals in the UK, trains in Germany, FedEx in the US, phone companies in Portugal and Spain and many more were victims of blackmailers.Friday, May 12: According to Avast, more than 75,000 ransomware attacks were launched and affected countries all around the world. Europe, the US, China – the so-called “WannaCry” attack is the biggest witnessed so far, security experts say. The malware exploits a vulnerability in Microsoft’s operating system Windows and affected XP, 8 and Windows Server 2003. The newest version, Windows 10, was not affected.
“Affected machines have six hours to pay up and every few hours the ransom goes up,” Kurt Baumgartner of the security firm Kaspersky Lab explains. The computers are locked and an extortion message appears – if the users want to get their data back, they have to pay up in Bitcoin. “Most folks that have paid up appear to have paid the initial $300 in the first few hours”, Baumgartner said. The exploit is apparently part of the hacking arsenal of the US National Security Agency (NSA) – it was leaked last month.
For some systems, Microsoft had closed the vulnerability in March. Others, like XP, aren’t getting updates anymore – the software company did make an exception as the attack spread. That won’t work for the already affected machines, however. Apparently, the attack was accidentally stopped on Saturday as IT security experts from Malware Tech Blog stumbled across a so-called kill switch. By registering a domain which could be tracked back to the attackers, the malware was stopped from spreading.